<?php 
/* ================================================================================
 * LWAdmin	 
 *
 * users_edit.php: This is where users information can be changed.
 *
 * Author: Eric Hendrickson (enhendrickson@liberty.edu)
 * Date: 2/18/05
   ================================================================================ */

	global $SSO, $Security, $AppID, $User, $DB;

	//Check to see if there is a valid session 
	$SessionInfo = $SSO->isValidSession("index.php?action=login", $SSO->getSessionInformation());	
	
	//Check to see if the user has rights to be on LWAdmin
	$PageRights = array('ADMIN', 'USERADMIN');
	$Security->ValidateUser($SessionInfo['username'], $AppID, $PageRights, 1);
	
	//Grab the user info
	$UserInfo = $User->GetUserInfo($SessionInfo['username']);
	
	if(isset($_POST['btnSubitInfo']) && !isset($_POST['val_username']))
	{
		$validator = new FormValidation();
		$validator->validateForm('fdf/Admin_Users_frmEditUser.xml');

		$db_string = $DB->compile_db_update_string( 
		array (
			'FirstName'		=> $_POST['txtFirstName'],
			'MiddleName'   		=> $_POST['txtMiddleName'],
			'LastName'    		=> $_POST['txtLastName'],
			'Email'		=> $_POST['txtEmail'],
			'HomePhone'		=> $_POST['txtHomePhone'],
			'WorkPhone'   		=> $_POST['txtWorkPhone'],
			'Address1'    		=> $_POST['txtAddress1'],
			'Address2'    		=> $_POST['txtAddress2'],
			'Zip'		=> $_POST['txtZip'],
			'City'		=> $_POST['txtCity'],
			'State'   		=> $_POST['sbxState'])
			);
		
		$DB->query("UPDATE users SET " . $db_string . " WHERE Username = '" . $_POST['username'] . "'");
		
		header("Location: index.php?action=users");
	}
?>

<table style="border-spacing:0px;border:0px;padding:0px;" width="100%">
	<tr>
		<td>
			<form action="index.php?action=users_edit" method="post" name="frmEditUser">
			<?php 
				if(isset($_POST['selUsers']))
				{
					$DeleteUserInfo = $User->GetUserInfo($_POST['selUsers']);
				}
			
				$DB->query("SELECT * FROM users WHERE username = '" . $_POST['selUsers'] . "'");
				while($row = $DB->fetch_row())
				{
					$_POST['val_username'] = $_POST['selUsers'];
					$_POST['val_txtFirstName'] = $row['FirstName'];
					$_POST['val_txtMiddleName'] = $row['MiddleName'];
					$_POST['val_txtLastName'] = $row['LastName'];
					$_POST['val_txtHomePhone'] = $row['HomePhone'];
					$_POST['val_txtWorkPhone'] = $row['WorkPhone'];
					$_POST['val_txtEmail'] = $row['Email'];
					$_POST['val_txtAddress1'] = $row['Address1'];
					$_POST['val_txtAddress2'] = $row['Address2'];
					$_POST['val_txtCity'] = $row['City'];
					$_POST['val_sbxState'] = $row['State'];
					$_POST['val_txtZip'] = $row['Zip'];
				}
			
				include('users_info.php');
				
			?>
			</form>
		</td>
	</tr>
</table>